Do your applications use this vulnerable package?
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.Test your applications
- Snyk ID SNYK-CENTOS8-BINDEXPORTLIBS-1961612
- published 29 Oct 2021
- disclosed 27 Oct 2021
How to fix?
bind-export-libs to version 32:9.11.36-3.el8 or higher.
Note: Versions mentioned in the description apply only to the upstream
bind-export-libs package and not the
bind-export-libs package as distributed by
How to fix? for
Centos:8 relevant fixed versions and status.
In BIND 9.3.0 -> 9.11.35, 9.12.0 -> 9.16.21, and versions 9.9.3-S1 -> 9.11.35-S1 and 9.16.8-S1 -> 9.16.21-S1 of BIND Supported Preview Edition, as well as release versions 9.17.0 -> 9.17.18 of the BIND 9.17 development branch, exploitation of broken authoritative servers using a flaw in response processing can cause degradation in BIND resolver performance. The way the lame cache is currently designed makes it possible for its internal data structures to grow almost infinitely, which may cause significant delays in client query processing.